
Unable to import AWS VPC VPN configuration

Hi,

I'm trying to import the AWS VPN configuration file into my Sophos UTM running firmware 9.7

I have downloaded the configuration file from AWS using Sophos, UTM and v9.

However, every time I try to import it, it reports the following error:

The Amazon VPC connection object requires matching a regular expression for the identifier attribute.

 

I have also tried giving the Amazon VPC some AWS Credentials to import the connection that way. That also fails with the same error message.

 

Has anyone else seen this problem? And have you found a way past the problem?

 

Kind regards,

Paul Macdonnell



This thread was automatically locked due to age.
  • Hi  

    Would you please share a screenshot of the error?

    Regards

    Jaydeep

  • Hi  

    Yes, of course. I have attached a screenshot of the error here now.

     

    Just some other background information. This VPN is connecting into a Transit Gateway, too.

    Doing some more research, I've found that this error is returned when trying to connect to a VPN to a Transit Gateway, but I haven't found a work-around for it yet. Other than manually creating the VPN connection.

    Do you know of work-arounds, or if there are any guides on how to manually configure the Transit Gateway VPN connection?

     

    Kind regards,

    Paul Macdonnell

  • Hi again,

    A little more background information - We're running a trial version of the UTM at the moment, which is running on firmware version 9.700-5.

     

    Kind regards,

     

    Paul Macdonnell

  • Hi again,

    After some trial and error and comparing against a straight VPC Gateway VPN connection, I can see the only structural difference in the XML was the <vpn_gateway_id/> entry.

     

    In the Transit Gateway connected XML it was only:

    <vpn_gateway_id/>

     

    In the VPC connected XML, it was:

    <vpn_gateway_id>vgw-abcdefgh</vpn_gateway_id>

     

    I replaced the Transit Gateway config XML to use a similar name for the "vpn_gateway_id" element.

    EG: <vpn_gateway_id>vgw-<transit gateway id></vpn_gateway_id>

     

    I have now successfully loaded the configuration into the UTM. Now, I'm working through making sure the VPN connects properly.

    Which it isn't right now. I'm looking through the VPN logs and testing the network configuration to make sure that it is able to connect as required.

     

    Kind regards,

     

    Paul Macdonnell
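
Added example, not part of the original thread and not Sophos or AWS code: a small pre-import check that applies the edit described in the post above, filling an empty <vpn_gateway_id/> and leaving an already populated one alone. The sample XML is constructed (only the vpn_gateway_id element comes from the thread), and the "vgw-" prefix check is an assumption based on the one form the post reports as accepted.

```python
import xml.etree.ElementTree as ET

# Constructed sample: only <vpn_gateway_id> is taken from the thread; the
# surrounding elements are a trimmed stand-in for the downloaded AWS file.
SAMPLE_TGW_EXPORT = """<vpn_connection id="vpn-EXAMPLE">
  <customer_gateway_id>cgw-EXAMPLE</customer_gateway_id>
  <vpn_gateway_id/>
  <vpn_connection_type>ipsec.1</vpn_connection_type>
</vpn_connection>"""


def fill_vpn_gateway_id(xml_text, placeholder_id):
    """Return (patched_xml, changed).

    Empty or whitespace-only <vpn_gateway_id> elements get placeholder_id;
    elements that already carry a value are not modified.
    """
    # Assumption: the importer wants the same shape as the VPC export
    # shown in the thread (vgw-abcdefgh), so require that prefix here.
    if not placeholder_id.startswith("vgw-") or len(placeholder_id) <= 4:
        raise ValueError("placeholder must look like vgw-<something>")

    root = ET.fromstring(xml_text)
    elements = list(root.iter("vpn_gateway_id"))
    if not elements:
        raise ValueError("no <vpn_gateway_id> element found")

    changed = False
    for element in elements:
        if not (element.text or "").strip():
            element.text = placeholder_id
            changed = True
    return ET.tostring(root, encoding="unicode"), changed


if __name__ == "__main__":
    # "vgw-EXAMPLE-TGW" is a placeholder; substitute your own value.
    patched, changed = fill_vpn_gateway_id(SAMPLE_TGW_EXPORT, "vgw-EXAMPLE-TGW")
    print("patched" if changed else "already populated")
    print(patched)
```

This only gets the file past the identifier check on import; as the post says, the tunnel itself still has to be verified afterwards.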

  • Hi Paul and welcome to the UTM Community!

    It sounds like you might be confounding the AWS processes for "regular" VPNs and VPC.  Did you follow Amazon Virtual Private Cloud (Amazon VPC) User Guide and Site-to-site VPN configurations for Amazon VPC?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA